I was invited to CSI 2010 this year to speak on the Low Hanging Fruit of Virtualizaiton Security. This presentation brought to light some simple to implement features that would give you the most security for what I consider very little cost or effort. These 7 items if implemented will improve the overall security of your virtual environment.
7. Do not use Paravirtualized drivers within DMZ based VMs, or any that hold sensitive data unless there is an absolute performance requirement to do so, and then only use the specific driver instead of installing them all.